Since nothing happened in the 2 days after I sent these FPs to the submission mail, I’ll post it here…
FP fixing response is awful (at least for mail). Detection also doesn’t seem to be any faster.
These are all verified and even though some are no-cd patches and offline loaders, they aren’t malicious at all.
Confirmed by ALWIL and AVIRA, because they already solved those FPs.
We will get back to you after investigating the files.
Thanks for the submission!
So? It’s almost 3 days since I sent false positives and virus samples, and nothing is either detected or fixed.
Slooooooow. Any other vendor would have fixed everything by now. Especially false positives.
The files that were confirmed as false positives have been fixed with DB 1107.
And others are still “malware” because… !? Because they were not fixed.
3 of them are just loader files so I can use one program without a net connection, and one is a keygen (yes, but it’s still not malware as CIS states).
Please note that files like exe patchers, loaders and other programs with such behaviour on legitimate programs won’t be seen as goodware. Besides, such programs use non-standard executable packing mechanisms/encryption schemes, which trigger the heuristics on such files. Such mechanisms are usually employed in malicious files to prevent AV programs from detecting them, which is why a generic approach to detecting such behaviour becomes necessary. This is one such detection, and if one wants to use this kind of software unconditionally, it is always possible to add the files to the exclusion list in the AV options.
It’s detected as Unclassified malware, which is not a heuristic detection, meaning it’s a pure FP.